I think the content-type S text/html; charset=utf-8 is due to the HTML answer of Resin for 401 Authentication Failed.Usually the sequence of requests is like this:
1.) Request without authentication header or wrong authentication supplied. 2.) Resin replies with 401 Unauthorized (actually I don't have a 3.1 instance to verify. 2.1 replies with 401 Unauthorized) 3.) New Request with authorization header. I would recommed to enable a full debug logging for the web-app (resin-web.xml): <web-app xmlns="http://caucho.com/ns/resin"; xmlns:resin="http://caucho.com/ns/resin/core";> <!-- - Debug Logging with a heavily loaded format attribute to get more information ... --> <log level="finest" path="WEB-INF/debug_${webApp.name}.log" timestamp="[%H:%M:%S.%s] {%{thread}} " format="[${app.contextPath}] ${log.level} ${log.sourceClassName} (${log.sourceMethodName}) ${log.message}"> <logger name="com.caucho" level="finest"/> </log> </web-app Maybe this can give further information about the underlying issue. 2009/7/14 Mktg. Incorporate Fast <[email protected]> > Hey Steffen, > > Thank you, the authentication appears to be partially working . However > I am still having an issue. I am creating a webservice for Google Checkout, > as shown below. The Basic authentication appears to now be working, as I > can see from the log files, however, when the incoming XML is received I am > still getting an 401 authentication failed error. It is kind of strange > because I am seeing the following in the log file? Should the web > service be setup a different way within Resin to allow for a web service > or is it possible a problem that the incoming file is viewed by Resin as "S > text/html; charset=utf-8" , instead of "content-type=application/xml; > charset=UTF-8" which was sent by Google? > > <<XML incoming from Google Checkout>> > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > start request > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > channel 1 > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > U:uri /notification > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > m:method POST > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] c > protocol: HTTP/1.0 > [10:49:06.917] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] v > server-host: www.domain.com > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] g > server-port: 80 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] h > 74.125.64.136 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] i > 74.125.64.136 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] j > remote-port: 57305 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] q > content-type=application/xml; charset=UTF-8 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > User-Agent=Google Checkout Notification Agent 1.0 > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Authorization=Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Host=www.domain.com > [10:49:06.918] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] p > content-length=2882 > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Via=1.1 proxy.google.com:80 (squid) > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > X-Forwarded-For=unknown > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Cache-Control=max-age=259200 > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Connection=keep-alive > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > SCRIPT_URL=/notification > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > SCRIPT_URI=http://www.domain.com/notification > [10:49:06.919] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] D > post-data: 2882 > [10:49:06.924] {hmux-127.0.0.1:6809-8$16874657}Dispatch '/notification' to > WebAppFilterChain[http://www.domain.com, next=CacheFilterChain[null?null, > next=SecurityFilterChain[]]] > [10:49:06.925] > {hmux-127.0.0.1:6809-8$16874657}SessionImpl[abcwZa9bhDI6b_OcDy6js,] new > [10:49:06.925] > {hmux-127.0.0.1:6809-8$16874657}SessionImpl[abcwZa9bhDI6b_OcDy6js,] create > session > [10:49:06.925] {hmux-127.0.0.1:6809-8$16874657}basic: userID -> userID > [10:49:06.925] {hmux-127.0.0.1:6809-8$16874657}userID is in role: resin > > > > <<Then the following apparent error>> > [10:49:06.927] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > Q:quit > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] s > 401 Authentication Failed. > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] M > cpu-load > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S 0 > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Set-Cookie > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S > JSESSIONID=abcwZa9bhDI6b_OcDy6js; path=/ > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] H > Content-Type > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] S > text/html; charset=utf-8 > [10:49:06.928] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] G > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > write-chunk(161) > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > D:data 161 > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] data > <<html> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<head><title>401 > Authentication Failed.</title></head> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<body> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<h1>401 Authentication > Failed.</h1> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<p /><hr /> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}<small> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Resin/3.1.8 > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}</small> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}</body></html> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}> > [10:49:06.929] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] Q: > quit channel > [10:49:06.930] {hmux-127.0.0.1:6809-8$16874657}Hmux[www.domain.com:8] > complete request - keepalive > [10:49:06.930] {hmux-127.0.0.1:6809-8$16874657}Tcp[www.domain.com,8] > keepalive (thread) > > > Thanks very much for your help! > > ------------------------------ > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Steffen Busch > *Sent:* Tuesday, July 14, 2009 12:51 AM > *To:* General Discussion for the Resin application server > *Subject:* Re: [Resin-interest] Google Checkout > > Hi Joey, > I don't have experience with Google Checkout integration with Resin, but > maybe I can still help a little bit. > First of all, do you know the content of Authorization-Header from Google? > Something like this: > > > Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== > > > The above line contains the BASE64 value of user name "Aladdin", password > "open sesame". > If you put "QWxhZGRpbjpvcGVuIHNlc2FtZQ==" into a BASE64 decoder (for > example http://www.motobit.com/util/base64-decoder-encoder.asp) you will > receive: "Aladdin:open sesame". > > > If you receive a value that you already know and is your (afaik from the > google api doc) MERCHANT_ID:MERCHANT_KEY then you would need to change the > Resin Configuration to use BASIC auth-method and no password-digest: > > > <authenticator type="com.caucho.server.security.XmlAuthenticator"> > <init> > <password-digest-realm>none</password-digest-realm> > <user>userID:userPWD:resin</user> > </init> > </authenticator> > <login-config auth-method="BASIC"/> > <security-constraint url-pattern='/notification' role-name='resin'/> > > You need to regenerate the userPWD with digest-realm of "none". > > Hope this helps. > > Regards, > Steffen > > > > 2009/7/14 Mktg. Incorporate Fast <[email protected]> > >> Hello, >> >> I'm trying to integrate google checkout with Resin, and they require BASIC >> HTML authentication on callback of XML posts. >> >> <authenticator type="com.caucho.server.security.XmlAuthenticator"> >> <init> >> <password-digest-realm>resin</password-digest-realm> >> <password-digest>MD5-base64</password-digest> >> <user>userID:userPWD:resin</user> >> </init> >> </authenticator> >> <login-config auth-method="DIGEST"/> >> <security-constraint url-pattern='/notification' role-name='resin'/> >> >> It constantly fails with error of wrong password. I have created the >> password as suggested in the Docs on caucho.com, however, the encrypted >> password sent back by Google is slightly different. I can't post those >> passwords becuase they are live passwords, so instead I'll post to the >> Google Docs. >> >> >> http://code.google.com/apis/checkout/developer/index.html#https_auth_scheme >> >> Has anybody had success setting up Google Checkout to work with Resin? >> >> Thanks >> >> Joey. >> >> _______________________________________________ >> resin-interest mailing list >> [email protected] >> http://maillist.caucho.com/mailman/listinfo/resin-interest >> >> > > _______________________________________________ > resin-interest mailing list > [email protected] > http://maillist.caucho.com/mailman/listinfo/resin-interest > >
_______________________________________________ resin-interest mailing list [email protected] http://maillist.caucho.com/mailman/listinfo/resin-interest
